1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
$NetBSD: patch-CVE-2012-4428,v 1.1 2013/02/14 16:51:32 drochner Exp $
try to prevent list overrun (upstream code is completely rewritten)
--- common/slp_compare.c.orig 2005-02-15 20:07:43.000000000 +0000
+++ common/slp_compare.c
@@ -270,9 +270,9 @@ int SLPContainsStringList(int listlen,
itembegin = itemend;
/* seek to the end of the next list item */
- while(1)
+ while(itemend != listend)
{
- if(itemend == listend || *itemend == ',')
+ if(*itemend == ',')
{
if(*(itemend - 1) != '\\')
{
@@ -326,9 +326,9 @@ int SLPIntersectStringList(int list1len,
itembegin = itemend;
/* seek to the end of the next list item */
- while(1)
+ while(itemend != listend)
{
- if(itemend == listend || *itemend == ',')
+ if(*itemend == ',')
{
if(*(itemend - 1) != '\\')
{
@@ -415,9 +415,9 @@ int SLPUnionStringList(int list1len,
itembegin = itemend;
/* seek to the end of the next list item */
- while(1)
+ while(itemend != listend)
{
- if(itemend == listend || *itemend == ',')
+ if(*itemend == ',')
{
if(*(itemend - 1) != '\\')
{
|
